The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
Security News

CVE-1999-0914

Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.

01/03/1999

CVE-1999-0389

Buffer overflow in the bootp server in the Debian Linux netstd package.

01/03/1999

CVE-2000-0005

HP-UX aserver program allows local users to gain privileges via a symlink attack.

01/02/1999

CVE-1999-1422

The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users.

01/02/1999

CVE-1999-1170

IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.

01/02/1999

CVE-1999-0402

wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.

01/02/1999

CVE-1999-1568

Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.

01/01/1999

CVE-1999-1440

Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client.

01/01/1999

CVE-1999-1430

PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access.

01/01/1999

CVE-1999-0698

Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.

01/01/1999

CVE-1999-0665

An application-critical Windows NT registry key has an inappropriate value.

01/01/1999

CVE-1999-0664

An application-critical Windows NT registry key has inappropriate permissions.

01/01/1999

CVE-1999-0663

A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.

01/01/1999

CVE-1999-0662

A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.

01/01/1999

CVE-1999-0661

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.

01/01/1999

CVE-1999-0660

** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE.  It might be more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."

01/01/1999

CVE-1999-0659

** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."

01/01/1999

CVE-1999-0658

** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: None.  Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE).  Notes: the former description is: "DCOM is running."

01/01/1999

CVE-1999-0657

WinGate is being used.

01/01/1999

CVE-1999-0656

The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.

01/01/1999

Security News 152681 - 152700 of 153514
First | Prev. | 7633 7634 7635 7636 7637 | Next | Last All
Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015